How to recover deleted Exchange object on DC with ldp.exe tool?


I did something terribly wrong: by mistake I deleted a system object in AD on my DC. In the AD console, with advanced view open, under the catalog Microsoft Exchange System object, there were 2 objects; now there is only one, the security group Install Exchange servers. The other was deleted by me.

I can find the object with the LDP.EXE tool under CN=deleted objects.

How do I "Move" this object back to its original place? Is it possible? I need some serious help here.....

I need instructions on how to do this. I have found this link:,289483,sid1_gci1141514,00.html

But I just can't get the right script made. Can anyone out there help me out of disaster?

I do have a FULL backup of my DC. Can I transfer a piece (catalog) from this which makes it all good again?

LauraEHunter (MVP) Commented:
> "Regarding the DistinguishedName, can I make it easier to my challenge, to restore all deleted objects, and then after going through this above, just delete those objects that are restored which I don't need?"

This is precisely what is entailed in performing a system state restore and then marking the individual object that you require as authoritative.  

The Distinguished Name of the object is the LDAP name of the object as it appeared before it was deleted, including the DN of the original parent container. The DN that you list above is the DN of the tombstoned object, which is not the DN that you need to refer to in order to mark the restore as authoritative.

I would recommend that you develop a stronger understanding of system state backup and restores (start at the link I listed in a previous comment) before attempting to perform an authoritative restore on a production network, and/or perform the operation in a test lab first, as doing so incorrectly can cause significant damage to your network.

You will need to perform an authoritative restore of the object that you deleted using the ntdsutil utility as described here:

You will perform a recovery of the system state of your Active Directory database, and then use ntdsutil to mark the single object that you deleted as authoritative; this requires the original distinguished name of the object.

For a single object you can also try your luck with the following freeware tool released by Quest:

forhumanity (Author) Commented:
Thanks Laura.

Just to clear a few things. I have a system state backup, which I will use as described in the links above.

Regarding the DistinguishedName, can I make it easier to my challenge, to restore all deleted objects, and then after going through this above, just delete those objects that are restored which I don't need?

Saying this because there are a few other objects that have the name of my Exchange server (maybe my trial version); my point is that it looks like my deletion is made up of more than one object? Or is it just this one pasted in here?

CN=SystemMailbox{07B0C30B-D567-476F-9047-D2844228DBB8}\0ADEL:01ccda74-46d3-49ca-8195-ac55ec5b9d13,CN=Deleted Objects,DC=Humanitybar,DC=local
      2> objectClass: top; msExchSystemMailbox;
      1> cn: SystemMailbox{07B0C30B-D567-476F-9047-D2844228DBB8}
      1> distinguishedName: CN=SystemMailbox{07B0C30B-D567-476F-9047-D2844228DBB8}\0ADEL:01ccda74-46d3-49ca-8195-ac55ec5b9d13,CN=Deleted Objects,DC=Humanitybar,DC=local;

Is my distinguishedName just: CN=SystemMailbox ? Or is it the whole phrase?

And to "restore" all deleted items what distinguishedName would I use? What would you recommend doing?

And again, thanks for your support here....

forhumanity (Author) Commented:
Thanks for your help. I did and Recovery Manager for Active Directory - a fantastic tool!!!
That is what I call a solution!!
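
An added example, not part of the original thread or any participant's code: it illustrates the distinction drawn in the answer above between the tombstone DN seen in LDP and the original DN that an authoritative restore needs, by splitting the tombstone DN from the thread into its pre-deletion RDN and objectGUID. The `PARENT` value is a constructed assumption based on the question's description of the container; on a real tombstone, read the parent from the object's `lastKnownParent` attribute where it is populated.

```python
import re
import uuid
# Tombstone RDN suffix: escaped newline (\0A), "DEL:", then the objectGUID.
_DEL_SUFFIX = re.compile(r"\\0ADEL:([0-9a-fA-F-]{36})$")

def split_dn(dn):
    """Split a DN into RDNs on commas that are not backslash-escaped."""
    parts, cur, i = [], [], 0
    while i < len(dn):
        if dn[i] == "\\" and i + 1 < len(dn):
            cur.append(dn[i:i + 2])  # keep the escape pair together
            i += 2
            continue
        if dn[i] == ",":
            parts.append("".join(cur).strip())
            cur = []
        else:
            cur.append(dn[i])
        i += 1
    parts.append("".join(cur).strip())
    return parts

def parse_tombstone_dn(dn):
    """Return the pre-deletion RDN, objectGUID and domain DN of a tombstone."""
    rdns = split_dn(dn.strip().rstrip(";"))
    if len(rdns) < 3 or rdns[1].lower() != "cn=deleted objects":
        raise ValueError("DN is not directly under CN=Deleted Objects")
    m = _DEL_SUFFIX.search(rdns[0])
    if m is None:
        raise ValueError("first RDN lacks the \\0ADEL:<GUID> suffix")
    return {"original_rdn": rdns[0][:m.start()],
            "object_guid": uuid.UUID(m.group(1)),
            "domain_dn": ",".join(rdns[2:])}

def original_dn(tombstone_dn, last_known_parent):
    """Rebuild the DN that an authoritative restore must be given."""
    info = parse_tombstone_dn(tombstone_dn)
    if not last_known_parent.lower().endswith(info["domain_dn"].lower()):
        raise ValueError("parent container is outside the tombstone's domain")
    return info["original_rdn"] + "," + last_known_parent

# DN copied from the LDP output in the thread.
TOMBSTONE = (r"CN=SystemMailbox{07B0C30B-D567-476F-9047-D2844228DBB8}"
             r"\0ADEL:01ccda74-46d3-49ca-8195-ac55ec5b9d13,"
             r"CN=Deleted Objects,DC=Humanitybar,DC=local")
# Constructed value (assumption): stands in for the lastKnownParent attribute.
PARENT = "CN=Microsoft Exchange System Objects,DC=Humanitybar,DC=local"
if __name__ == "__main__":
    print(parse_tombstone_dn(TOMBSTONE)["object_guid"])
    print(original_dn(TOMBSTONE, PARENT))
```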
